Parse Exif Data
[ POST ] https://api.malcore.io/api/exif
Parse the exif data out of the file
Query Params
filename1file
Headers
apiKeystring
Request
curl -X POST https://api.malcore.io/api/exif \
-H "apiKey: MY-API-KEY" \
-F "filename1=@calc.exe" \Response
🟢 200
{
"code_signature": "48 83 ec 28 e8 2b fa ff ff 48",
"file_information": {
"file_extension": "exe",
"header_information": {
"file_header_hexdump": "4d5a90000300000004000000ffff0000b8000000000000004000000000000000",
"file_header_ascii": "MZ......................@.......",
"file_header_crc32": "0x208ddfe",
"offset": "0x0"
},
"file_description": "DOS MZ executable file format and its descendants (including NE and PE)"
},
"misc_information": {
"subsystem": "Windows GUI",
"linker_version": 14.2,
"product_version": "10.0.19041.1",
"warning": "Possibly corrupt Version resource",
"entry_point": "0x1870",
"language_code": "English (U.S.)",
"file_version_number": "10.0.19041.1",
"character_set": "Unicode",
"subsystem_version": 10,
"image_version": 10,
"file_subtype": 0,
"file_version": "10.0.19041.1 (WinBuild.160101.0800)",
"os_version": 10,
"company_name": "Microsoft Corporation",
"internal_name": "CALC",
"product_name": "Microsoft® Windows® Operating System",
"pe_type": "PE32+",
"file_os": "Windows NT 32-bit",
"original_file_name": "CALC.EXE",
"file_description": "Windows Calculator",
"machine_type": "AMD AMD64",
"object_file_type": "Executable application",
"initialized_data_size": 25088,
"file_flags_mask": "0x003f",
"product_version_number": "10.0.19041.1",
"legal_copyright": "© Microsoft Corporation. All rights reserved.",
"image_file_characteristics": "Executable, Large address aware",
"uninitialized_data_size": 0,
"code_size": 3072
},
"signature_info": {
"signature_results": [],
"is_signed": false
},
"file_size": "27648",
"compilation_timestamp": "Sep 24, 1971 04:02:24 PM",
"mime_type": "application/x-msdownload"
}🔴 400
{}Last updated